Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 56 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 26 |
2 files changed, 34 insertions, 48 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 78973776f1..85f94712ba 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -220,6 +220,9 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ struct lsa_policy_state **_state) { struct lsa_policy_state *state; + const char *domain_attrs[] = {"nETBIOSName", "nCName", NULL}; + int ret_domain; + struct ldb_message **msgs_domain; state = talloc(mem_ctx, struct lsa_policy_state); if (!state) { 
@@ -237,36 +240,47 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ return NT_STATUS_INVALID_SYSTEM_SERVICE; } + ret_domain = gendb_search(state->sam_ldb, mem_ctx, NULL, &msgs_domain, domain_attrs, + "(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))", + lp_workgroup()); + + if (ret_domain == -1) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + + if (ret_domain != 1) { + return NT_STATUS_NO_SUCH_DOMAIN; + } + /* work out the domain_dn - useful for so many calls its worth fetching here */ - state->domain_dn = talloc_reference(state, - samdb_search_string(state->sam_ldb, mem_ctx, NULL, - "dn", "(&(objectClass=domain)(!(objectclass=builtinDomain)))")); + state->domain_dn = talloc_steal(state, samdb_result_string(msgs_domain[0], "nCName", NULL)); if (!state->domain_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } /* work out the builtin_dn - useful for so many calls its worth fetching here */ - state->builtin_dn = talloc_reference(state, - samdb_search_string(state->sam_ldb, mem_ctx, NULL, - "dn", "objectClass=builtinDomain")); + state->builtin_dn = talloc_steal(state, + samdb_search_string(state->sam_ldb, mem_ctx, NULL, + "dn", "objectClass=builtinDomain")); if (!state->builtin_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } /* work out the system_dn - useful for so many calls its worth fetching here */ - state->system_dn = talloc_reference(state, - samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn, - "dn", "(&(objectClass=container)(cn=System))")); + state->system_dn = talloc_steal(state, + samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn, + "dn", "(&(objectClass=container)(cn=System))")); if (!state->system_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } - state->domain_sid = samdb_search_dom_sid(state->sam_ldb, state, - state->domain_dn, "objectSid", - "dn=%s", state->domain_dn); + state->domain_sid = talloc_steal(state, + samdb_search_dom_sid(state->sam_ldb, state, + state->domain_dn, "objectSid", + "dn=%s", 
state->domain_dn)); if (!state->domain_sid) { return NT_STATUS_NO_SUCH_DOMAIN; } @@ -276,13 +290,9 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ return NT_STATUS_NO_SUCH_DOMAIN; } - state->domain_name = talloc_reference(state, - samdb_search_string(state->sam_ldb, mem_ctx, - state->domain_dn, "name", - "dn=%s", state->domain_dn)); - if (!state->domain_name) { - return NT_STATUS_NO_SUCH_DOMAIN; - } + state->domain_name = talloc_strdup(state, + samdb_result_string(msgs_domain[0], "nETBIOSName", + lp_workgroup())); *_state = state; @@ -619,14 +629,6 @@ static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALL samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "securityIdentifier", sid_string); } - /* pull in all the template attributes. */ - ret = samdb_copy_template(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, - "(&(name=TemplateTrustedDomain)(objectclass=trustedDomainTemplate))"); - if (ret != 0) { - DEBUG(0,("Failed to load TemplateTrustedDomain from samdb\n")); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "objectClass", "trustedDomain"); trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn); diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 3cda88c04c..26593d1697 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -747,7 +747,7 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX a_state->domain_state = talloc_reference(a_state, d_state); a_state->account_dn = talloc_steal(a_state, msg->dn); - /* retrieve the sid for the group just created */ + /* retrieve the sid for the user just created */ sid = samdb_search_dom_sid(d_state->sam_ctx, a_state, msg->dn, "objectSid", "dn=%s", msg->dn); if (sid == NULL) { 
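Review bot: In the `@@ -237,36 +240,47 @@` hunk of lsa_get_policy_state, `state->domain_dn = talloc_steal(state, samdb_result_string(msgs_domain[0], "nCName", NULL));` reparents a pointer taken from inside a search result. samdb_result_string is not shown here, but if it returns a pointer into the message's value data rather than a talloc allocation of its own, stealing it is fragile and leaves `msgs_domain[0]` referring to memory it no longer owns. The same commit copies the NetBIOS name with talloc_strdup, so the consistent form would be `state->domain_dn = talloc_strdup(state, samdb_result_string(msgs_domain[0], "nCName", NULL));`, provided talloc_strdup tolerates a NULL source in this tree so that the existing `!state->domain_dn` check still covers a missing attribute. The `talloc_steal(state, samdb_search_dom_sid(state->sam_ldb, state, ...))` further down looks redundant, since the SID is already allocated on `state`.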
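Review bot: In the `@@ -276,13 +290,9 @@` hunk the result of `talloc_strdup(state, samdb_result_string(msgs_domain[0], "nETBIOSName", lp_workgroup()))` is stored in `state->domain_name` without a check, while the old `if (!state->domain_name)` test is removed. An allocation failure would then publish a policy state with a NULL domain name through `*_state`, and later LSA calls that format or compare the name would dereference it. I would keep a guard right after the assignment: `if (!state->domain_name) { return NT_STATUS_NO_MEMORY; }`. The function body continues outside the hunk.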
@@ -907,7 +907,7 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C /* Check if alias already exists */ name = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL, "sAMAccountName", - "(&pAMAccountName=%s)(objectclass=group))", + "(sAMAccountName=%s)(objectclass=group))", alias_name); if (name != NULL) { @@ -2040,17 +2040,6 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C return NT_STATUS_NO_MEMORY; } - /* pull in all the template attributes */ - ret = samdb_copy_template(d_state->sam_ctx, mem_ctx, msg, - "(&(name=TemplateForeignSecurityPrincipal)" - "(objectclass=foreignSecurityPrincipalTemplate))"); - if (ret != 0) { - DEBUG(0,("Failed to load " - "TemplateForeignSecurityPrincipal " - "from samdb\n")); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - /* TODO: Hmmm. This feels wrong. How do I find the base dn to * put the ForeignSecurityPrincipals? d_state->domain_dn does * not work, this is wrong for the Builtin domain, there's no @@ -2076,13 +2065,9 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C memberdn = msg->dn; samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, - "name", sidstr); - samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "objectClass", "foreignSecurityPrincipal"); - samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, - "objectSid", sidstr); - + /* create the alias */ ret = samdb_add(d_state->sam_ctx, mem_ctx, msg); if (ret != 0) { @@ -3256,7 +3241,7 @@ static NTSTATUS samr_GetDomPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX struct ldb_message **msgs; int ret; const char * const attrs[] = {"minPwdLength", "pwdProperties", NULL }; - void *sam_ctx; + struct ldb_context *sam_ctx; ZERO_STRUCT(r->out.info); 
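Review bot: The corrected filter in samr_CreateDomAlias (`@@ -907,7 +907,7 @@`) is still not a well-formed LDAP filter. `"(sAMAccountName=%s)(objectclass=group))"` fixes the attribute typo but drops the leading `(&`, leaving two juxtaposed terms and an unbalanced closing parenthesis. Depending on how the parser treats that, the "alias already exists" check may never match or may ignore the objectclass term; the intended string is presumably `"(&(sAMAccountName=%s)(objectclass=group))",`. Separately, `alias_name` is interpolated with `%s`, and its assignment is outside the hunk. If it comes from the RPC request, filter metacharacters such as `*`, `(`, `)` and `\` should be escaped before formatting so a caller cannot alter the existence check. ldb has `ldb_binary_encode_string` for this in later trees, so it is worth checking what this tree provides.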
@@ -3267,8 +3252,7 @@ static NTSTATUS samr_GetDomPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX ret = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, - "(&(name=%s)(objectclass=domain))", - lp_workgroup()); + "(&(!(objectClass=builtinDomain))(objectclass=domain))"); if (ret <= 0) { return NT_STATUS_NO_SUCH_DOMAIN; } |
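Review bot: With the new filter `"(&(!(objectClass=builtinDomain))(objectclass=domain))"` in samr_GetDomPwInfo the search is no longer tied to `lp_workgroup()`, yet the only check is still `if (ret <= 0)`. If the database holds more than one non-builtin domain object, the password policy attributes (`minPwdLength`, `pwdProperties`) would presumably be read from whichever record comes back first; the use of `msgs` is outside the hunk. The LSA side of this commit insists on exactly one match (`ret_domain != 1`). I would mirror that here with an explicit `if (ret > 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; }` after the existing check, and add a comment on the filter explaining why the workgroup name is no longer part of it.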